I feel it's generally accepted that the open-source nature of Linux, the centralised software repositories common on most flavours, and its popularity for server applications - meaning a strong incentive to find and fix bugs - make it the most secure OS, even more so if you put a little effort into setting it up properly.

Ive only read about xp being affected. What slightly confuses me is I though Microsoft discontinued supporting xp a year or more ago but I've read articles that Microsoft released a fix for this vulnerability 3 months ago and those systems affected simply hadn't updated to the latest patches. Does anyone know if that's correct?

General support for Windows XP was discontinued but companies could purchase ongoing support if they wanted, though it was expensive to do so, so new patches are still being developed for it.

I think Microsoft have now released a patch for this specific exploit for Windows XP/Server 2003 for everyone though.

I've heard that it would have cost something like 5 million to purchase ongoing support for the entire NHS, which I consider relatively cheap considering how much the government wastes on other far less important things, but they didn't want to pay their much so didn't bother.

Ive only read about xp being affected. What slightly confuses me is I though Microsoft discontinued supporting xp a year or more ago but I've read articles that Microsoft released a fix for this vulnerability 3 months ago and those systems affected simply hadn't updated to the latest patches. Does anyone know if that's correct?

General support for Windows XP was discontinued but companies could purchase ongoing support if they wanted, though it was expensive to do so, so new patches are still being developed for it.

I think Microsoft have now released a patch for this specific exploit for Windows XP/Server 2003 for everyone though.

I've heard that it would have cost something like 5 million to purchase ongoing support for the entire NHS, which I consider relatively cheap considering how much the government wastes on other far less important things, but they didn't want to pay their much so didn't bother.

I think they were told at the time it was for 1 year only though, so during that year they would have to upgrade. Looking at one article on the Guardian the migration of computers away from Windows XP was a condition of the deal.

Ive only read about xp being affected. What slightly confuses me is I though Microsoft discontinued supporting xp a year or more ago but I've read articles that Microsoft released a fix for this vulnerability 3 months ago and those systems affected simply hadn't updated to the latest patches. Does anyone know if that's correct?

General support for Windows XP was discontinued but companies could purchase ongoing support if they wanted, though it was expensive to do so, so new patches are still being developed for it.

I think Microsoft have now released a patch for this specific exploit for Windows XP/Server 2003 for everyone though.

I've heard that it would have cost something like 5 million to purchase ongoing support for the entire NHS, which I consider relatively cheap considering how much the government wastes on other far less important things, but they didn't want to pay their much so didn't bother.

I think they were told at the time it was for 1 year only though, so during that year they would have to upgrade. Looking at one article on the Guardian the migration of computers away from Windows XP was a condition of the deal.

There is a registry hack that you can use to extend the life of your XP by 5 years. It basically tells Microsoft Update that you're using the embedded version of XP.

Also there is very very little reason to be on XP, the major issue at least where I was was 16bit apps as 7 didn't support them, however 8 and up added it back so it was easier to them move if you stays 32 bit.

Ironhide wrote:I've heard that it would have cost something like 5 million to purchase ongoing support for the entire NHS, which I consider relatively cheap considering how much the government wastes on other far less important things, but they didn't want to pay their much so didn't bother.

There are loads of tin foil hat stuff about the NSA back doors in Linux. Linus Torvalds parents were communists don't you know.

In all seriousness the NSA probably does have Linux vulnerabilities on file. Not a conspiracy, like, they're just good at what they do. But I feel since they likely have vulnerabilities for everything on file, it's inescapable and therefore not worth worrying about.

There are loads of tin foil hat stuff about the NSA back doors in Linux. Linus Torvalds parents were communists don't you know.

In all seriousness the NSA probably does have Linux vulnerabilities on file. Not a conspiracy, like, they're just good at what they do. But I feel since they likely have vulnerabilities for everything on file, it's inescapable and therefore not worth worrying about.

It's not exactly a secret that the NSA are, dangerously, stockpiling zero day exploits rather than alerting developers to them so they can be patched. In my opinion this is a more a danger because agencies that are supposed to be protecting the public are actually sitting on vulnerabilities rather than trying to protect us from them. The average person does not have much to fear from the agencies per say. Still doesn't mean I don't mind the fact that security agencies are so obsessed with hoarding data that they are completely failing to do their actual jobs.